updated 12:05 pm EDT, Tue May 24, 2011
Initial threat may be limited
A group of Russian forensic experts, ElcomSoft, has successfully cracked both the hardware and firmware backup encryption for iOS devices, reports say. Partly to increase appeal to corporate buyers, Apple began introducing hardware encryption with the iPhone 3GS, later improving the system with iOS 4. The firmware lets people assign a passcode for the hardware encryption keys, making it even more difficult for an attacker to see data.
ElcomSoft's invention is Phone Password Breaker, which is GPU-accelerated and can decipher both iOS and BlackBerry backups. The catch with iOS backups is that in order to crack protected files, a person must have access to the associated device. Needed encryption keys are kept in hardware and not shared, says Elcom's Vladimir Katalov.
Keys must be generated from a combination of hardware UDID, passcode, escrow pairing records and effaceable storage. No special effort is needed, however, if a target chooses not to encrypt backups in iTunes. Leaving backups exposed can potentially allow access to sensitive information such as contacts and logins.